CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 2/4 • 470 CVEs.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2025-07-31
Critical

CVE-2013-10042

A stack-based buffer overflow vulnerability exists in freeFTPd version 1.0.10 and earlier in the handling of the FTP PASS command. When an attacker sends a specially crafted password string, the appl…

CVSS: 9.3 CWE: CWE-121
Read more
High

CVE-2013-10036

A stack-based buffer overflow vulnerability exists in Beetel Connection Manager version PCW_BTLINDV1.0.0B04 when parsing the UserName parameter in the NetConfig.ini configuration file. A crafted .ini…

CVSS: 8.4 CWE: CWE-121
Read more
Critical

CVE-2012-10021

A stack-based buffer overflow vulnerability exists in D-Link DIR-605L Wireless N300 Cloud Router firmware versions 1.12 and 1.13 via the getAuthCode() function. The flaw arises from unsafe usage of s…

CVSS: 9.3 CWE: CWE-121
Read more
High

CVE-2011-10008

A stack-based buffer overflow vulnerability exists in MPlayer Lite r33064 due to improper bounds checking when handling M3U playlist files containing long http:// URL entries. An attacker can craft a…

CVSS: 8.6 CWE: CWE-20
Read more
2025-07-30
Medium

CVE-2025-50464

A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled d…

CVSS: 6.5 CWE: CWE-121
Read more
2025-07-29
High

CVE-2025-33092

IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a stack-based buffer overflow in db2fm, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrar…

CVSS: 7.8 CWE: CWE-121
Read more
High

CVE-2025-53715

A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/Wan6to4TunnelCfgRpm.htm file due to missing input parameter validation, which may lead to the buffer…

CVSS: 7.5 CWE: CWE-119
Read more
High

CVE-2025-53714

A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WzdWlanSiteSurveyRpm_AP.htm file due to missing input parameter validation, which may lead to the buf…

CVSS: 7.5 CWE: CWE-119
Read more
High

CVE-2025-53713

A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm_APC.htm file due to missing input parameter validation, which may lead to the buffer o…

CVSS: 7.5 CWE: CWE-119
Read more
High

CVE-2025-53712

A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm_AP.htm file due to missing input parameter validation, which may lead to the buffer ov…

CVSS: 7.5 CWE: CWE-119
Read more
High

CVE-2025-53711

A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm.htm file due to missing input parameter validation, which may lead to the buffer overf…

CVSS: 7.5 CWE: CWE-119
Read more
2025-07-28
Low

CVE-2025-38493

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlat_dump_stack() We have observed kernel panics when using timerlat with stack saving, with th…

CVSS: N/A CWE: N/A
Read more
2025-07-27
High

CVE-2025-8246

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formRoute of the component HTTP…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8245

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAPVLAN of the…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8244

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formMapDelDevice of the component HTTP POST Req…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8243

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formMapDel of the component HTTP POST Request…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8242

A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Reque…

CVSS: 8.8 CWE: CWE-119
Read more
2025-07-26
High

CVE-2025-8184

A vulnerability was found in D-Link DIR-513 up to 1.10 and classified as critical. This issue affects the function formSetWanL2TPcallback of the file /goform/formSetWanL2TPtriggers of the component H…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8180

A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formdeleteUserName of the file /goform/deleteUserName. The manipulation…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8178

A vulnerability classified as critical has been found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /goform/RequestsProcessLaid. The manipulation of the argument device1D lea…

CVSS: 8.8 CWE: CWE-119
Read more
Medium

CVE-2025-8177

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An at…

CVSS: 5.3 CWE: CWE-119
Read more
2025-07-25
High

CVE-2025-8170

A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file /router/meshSlaveDlfw of the component MQTT Pac…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8169

A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function formSetWanPPTPcallback of the file /goform/formSetWanPPTPpath of the component HTTP POST Reques…

CVSS: 8.8 CWE: CWE-119
Read more
Medium

CVE-2025-8197

A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The `soup_header_name_to_string` function does not validate the `name` parameter passed in, and…

CVSS: 5.5 CWE: CWE-787
Read more
High

CVE-2025-8168

A vulnerability was found in D-Link DIR-513 1.10. It has been rated as critical. Affected by this issue is the function websAspInit of the file /goform/formSetWanPPPoE. The manipulation of the argume…

CVSS: 8.8 CWE: CWE-119
Read more
Critical

CVE-2014-125117

A stack-based buffer overflow vulnerability in the my_cgi.cgi component of certain D-Link devices, including the DSP-W215 version 1.02, can be exploited via a specially crafted HTTP POST request to t…

CVSS: 9.3 CWE: CWE-20
Read more
High

CVE-2014-125114

A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-…

CVSS: 8.4 CWE: CWE-20
Read more
High

CVE-2025-8160

A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of th…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8159

A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. This issue affects the function formLanguageChange of the file /goform/formLanguageChange of the component HTTP POST Re…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8140

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formWlanMultipleAP of the component HTT…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8139

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been classified as critical. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Ha…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8138

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formOneKeyAccessButton of the com…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8137

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formIpQoS of the compo…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8136

A vulnerability, which was classified as critical, was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected is an unknown function of the file /boafrm/formFilter of the component HTTP POST Request…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8131

A vulnerability was found in Tenda AC20 16.03.08.05. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/SetStaticRouteCfg. The manipulati…

CVSS: 8.8 CWE: CWE-119
Read more
2025-07-24
Medium

CVE-2025-51089

Tenda AC8V4 V16.03.34.06` was discovered to contain heap overflow at /goform/GetParentControlInfo.The manipulation of the argument `mac` leads to heap-based buffer overflow.

CVSS: 6.5 CWE: CWE-122
Read more
Medium

CVE-2025-51088

Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed` leads to stack-based buffer overflow.

CVSS: 5.3 CWE: CWE-121
Read more
High

CVE-2025-51087

Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow.

CVSS: 8.6 CWE: CWE-121
Read more
Medium

CVE-2025-51085

Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument `timeZone` and `timeType` leads to stack-based buffer overflow.

CVSS: 5.3 CWE: CWE-121
Read more
Medium

CVE-2025-51082

Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/fast_setting_wifi_set. The manipulation of the argument `timeZone` leads to stack-based buffer overflow.

CVSS: 5.3 CWE: CWE-121
Read more
2025-07-23
High

CVE-2025-40597

A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.

CVSS: 7.5 CWE: CWE-122
Read more
High

CVE-2025-40596

A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution.

CVSS: 7.3 CWE: CWE-121
Read more
High

CVE-2025-33077

IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-33076

IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute…

CVSS: 8.8 CWE: CWE-119
Read more
Critical

CVE-2025-41687

An unauthenticated remote attacker may use a stack based buffer overflow in the u-link Management API to gain full access on the affected devices.

CVSS: 9.8 CWE: CWE-121
Read more
High

CVE-2025-31701

A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption (e.g.…

CVSS: 8.1 CWE: CWE-120
Read more
High

CVE-2025-31700

A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption (e.g.…

CVSS: 8.1 CWE: CWE-120
Read more
High

CVE-2025-8060

A vulnerability has been found in Tenda AC23 16.03.07.52 and classified as critical. Affected by this vulnerability is the function sub_46C940 of the file /goform/setMacFilterCfg of the component htt…

CVSS: 8.8 CWE: CWE-119
Read more
2025-07-22
High

CVE-2025-8019

A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub_40B6F0 of the file at/appy.cgi. The manipulat…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-8017

A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function formSetMacFilterCfg of the file /goform/setMacFilterCfg of the component httpd. The ma…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7945

A vulnerability was found in D-Link DIR-513 up to 20190831. It has been declared as critical. This vulnerability affects the function formSetWanDhcpplus of the file /goform/formSetWanDhcpplus. The ma…

CVSS: 8.8 CWE: CWE-119
Read more
2025-07-21
Medium

CVE-2025-41679

An unauthenticated remote attacker could exploit a buffer overflow vulnerability in the device causing a denial of service that affects only the network initializing wizard (Conftool) service.

CVSS: 5.3 CWE: CWE-787
Read more
Critical

CVE-2025-7921

Certain modem models developed by Askey has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and potentially execute arbi…

CVSS: 9.8 CWE: CWE-121
Read more
High

CVE-2025-7914

A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7913

A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015. Affected is the function updateWifiInfo of the component MQTT Service. The manipulation of the argum…

CVSS: 8.8 CWE: CWE-119
Read more
2025-07-20
High

CVE-2025-7912

A vulnerability, which was classified as critical, has been found in TOTOLINK T6 4.1.5cu.748_B20211015. This issue affects the function recvSlaveUpgstatus of the component MQTT Service. The manipulat…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7911

A vulnerability classified as critical was found in D-Link DI-8100 1.0. This vulnerability affects the function sprintf of the file /upnp_ctrl.asp of the component jhttpd. The manipulation of the arg…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7910

A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function sprintf of the file /goform/formSetWanNonLogin of the component Boa Webserver. The manipulation…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7909

A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. Affected by this issue is the function sprintf of the file /goform/formLanSetupRouterSettings of the component Boa Webs…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7908

A vulnerability was found in D-Link DI-8100 1.0. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file /ddns.asp?opt=add of the component jhttpd. The ma…

CVSS: 8.8 CWE: CWE-119
Read more
2025-07-19
High

CVE-2025-7855

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7854

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to st…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7853

A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page lea…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7837

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this issue is the function recvSlaveStaInfo of the component MQTT Service. The manipulation of t…

CVSS: 8.8 CWE: CWE-119
Read more
2025-07-18
High

CVE-2025-7807

A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. This issue affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. The manipulation of the…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7806

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. The manipulation of the arg…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7805

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7796

A vulnerability, which was classified as critical, was found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument Userna…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7795

A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7794

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7793

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteI…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7792

A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argum…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7790

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. This affects an unknown part of the file /menu_nat.asp of the component HTTP Request Handler. The manipulat…

CVSS: 8.8 CWE: CWE-119
Read more
Medium

CVE-2025-53888

RIOT-OS, an operating system that supports Internet of Things devices, has an ineffective size check implemented with `assert()` can lead to buffer overflow in versions up to and including 2025.04. A…

CVSS: 6.6 CWE: CWE-120
Read more
2025-07-17
High

CVE-2025-7762

A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing of the file /menu_nat_more.asp of the component HTTP Request…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7758

A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4.1.5cu.748_B20211015. Affected by this issue is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi o…

CVSS: 8.8 CWE: CWE-119
Read more
Medium

CVE-2025-4657

A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5.1.1110.4231, used in Lenovo PC Manager, Lenovo Browser, and Lenovo App Store could allow a local attac…

CVSS: 6.7 CWE: CWE-122
Read more
High

CVE-2025-7747

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. The ma…

CVSS: 8.8 CWE: CWE-119
Read more
Critical

CVE-2025-51630

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a buffer overflow via the ePort parameter in the function setIpPortFilterRules.

CVSS: 9.8 CWE: CWE-120
Read more
2025-07-16
High

CVE-2025-34128

A buffer overflow vulnerability exists in the X360 VideoPlayer ActiveX control (VideoPlayer.ocx) version 2.6 when handling overly long arguments to the ConvertFile() method. An attacker can exploit t…

CVSS: 8.6 CWE: CWE-94
Read more
Critical

CVE-2025-34127

A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a specially crafted message to the UDP port 9256, an attacker can overwrite the structured exception hand…

CVSS: 9.3 CWE: CWE-94
Read more
High

CVE-2025-34124

A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing l…

CVSS: 8.4 CWE: CWE-20
Read more
High

CVE-2025-34123

A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC configuration file. The issue occurs due to improper handling of user-supp…

CVSS: 8.4 CWE: CWE-20
Read more
Critical

CVE-2025-7673

A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-…

CVSS: 9.8 CWE: CWE-120
Read more
2025-07-15
Medium

CVE-2025-52082

In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests containing th…

CVSS: 6.5 CWE: CWE-121
Read more
Medium

CVE-2025-52081

In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests…

CVSS: 6.5 CWE: CWE-121
Read more
Medium

CVE-2025-52080

In Netgear XR300 V1.0.3.38_10.3.30, a stack-based buffer overflow vulnerability exists in the HTTPD service through the usb_device.cgi endpoint. The vulnerability occurs when processing POST requests…

CVSS: 6.5 CWE: CWE-121
Read more
High

CVE-2025-34108

A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoin…

CVSS: 8.6 CWE: CWE-20
Read more
High

CVE-2025-34107

A buffer overflow vulnerability exists in the WinaXe FTP Client version 7.7 within the FTP banner parsing functionality, WCMDPA10.dll. When the client connects to a remote FTP server and receives an…

CVSS: 8.7 CWE: CWE-121
Read more
High

CVE-2025-34106

A buffer overflow vulnerability exists in PDF Shaper versions 3.5 and 3.6 when converting a crafted PDF file to an image using the 'Convert PDF to Image' functionality. An attacker can exploit this v…

CVSS: 8.4 CWE: CWE-119
Read more
Critical

CVE-2025-34105

A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. The vulnerability arises from improper bounds checking on…

CVSS: 10.0 CWE: CWE-20
Read more
Medium

CVE-2025-24477

A heap-based buffer overflow in Fortinet FortiOS versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2.4 through 7.2.11 allows an attacker to escalate its privileges via a specially crafted CLI comm…

CVSS: 4.2 CWE: CWE-122
Read more
2025-07-14
Low

CVE-2025-53014

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the `InterpretImageFilename` func…

CVSS: 3.7 CWE: CWE-125
Read more
High

CVE-2025-7603

A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. Affected is an unknown function of the file /jingx.asp of the component HTTP Request Handler. The manipulat…

CVSS: 7.2 CWE: CWE-119
Read more
High

CVE-2025-7602

A vulnerability was found in D-Link DI-8100 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /arp_sys.asp of the component HTTP Request Handler. The manip…

CVSS: 7.2 CWE: CWE-119
Read more
High

CVE-2025-7598

A vulnerability classified as critical was found in Tenda AX1803 1.0.0.1. Affected by this vulnerability is the function formSetWifiMacFilterCfg of the file /goform/setWifiFilterCfg. The manipulation…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7597

A vulnerability classified as critical has been found in Tenda AX1803 1.0.0.1. Affected is the function formSetMacFilterCfg of the file /goform/setMacFilterCfg. The manipulation of the argument devic…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7596

A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been rated as critical. This issue affects the function formWifiExtraSet of the file /goform/WifiExtraSet. The manipulation of the argum…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7586

A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been declared as critical. Affected by this vulnerability is the function formSetAPCfg of the file /goform/setWtpData. The manipulation…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7571

A vulnerability classified as critical has been found in UTT HiPER 840G up to 3.1.1-190328. This affects an unknown part of the file /goform/aspApBasicConfigUrcp. The manipulation of the argument Use…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7570

A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been rated as critical. Affected by this issue is some unknown functionality of the file /goform/aspRemoteApConfTempSend. The ma…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7551

A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been declared as critical. Affected by this vulnerability is the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipula…

CVSS: 8.8 CWE: CWE-119
Read more
2025-07-13
High

CVE-2025-7550

A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been classified as critical. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argu…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7549

A vulnerability was found in Tenda FH1201 1.2.0.14(408) and classified as critical. This issue affects the function frmL7ProtForm of the file /goform/L7Prot. The manipulation of the argument page lea…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7548

A vulnerability has been found in Tenda FH1201 1.2.0.14(408) and classified as critical. This vulnerability affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulat…

CVSS: 8.8 CWE: CWE-119
Read more
Medium

CVE-2025-7545

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-ba…

CVSS: 5.3 CWE: CWE-119
Read more
High

CVE-2025-7544

A vulnerability was found in Tenda AC1206 15.03.06.23. It has been rated as critical. This issue affects the function formSetMacFilterCfg of the file /goform/setMacFilterCfg. The manipulation of the…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7532

A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. This vulnerability affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7531

A vulnerability, which was classified as critical, was found in Tenda FH1202 1.2.0.14(408). This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7530

A vulnerability, which was classified as critical, has been found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulati…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7529

A vulnerability classified as critical was found in Tenda FH1202 1.2.0.14(408). Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit. The manipulation of the argum…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7528

A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dip…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7527

A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument P…

CVSS: 8.8 CWE: CWE-119
Read more
2025-07-12
High

CVE-2025-7506

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatlimit of the file /goform/Natlimit of the component HTTP POST Request Ha…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7505

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipul…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7468

A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component HT…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7465

A vulnerability classified as critical was found in Tenda FH1201 1.2.0.14. Affected by this vulnerability is the function fromRouteStatic of the file /goform/fromRouteStatic of the component HTTP POS…

CVSS: 8.8 CWE: CWE-119
Read more
High

CVE-2025-7463

A vulnerability was found in Tenda FH1201 1.2.0.14. It has been declared as critical. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component HTTP…

CVSS: 8.8 CWE: CWE-119
Read more
Critical

CVE-2023-38036

A security vulnerability within Ivanti Avalanche Manager before version 6.4.1 may allow an unauthenticated attacker to create a buffer overflow that could result in service disruption or arbitrary co…

CVSS: 9.8 CWE: CWE-120
Read more
2025-07-11
High

CVE-2025-7460

A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the…

CVSS: 8.8 CWE: CWE-119
Read more